Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo ARISTOCRAT.COM

Group: clop

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2023-07-26

Description:

A global gaming & technology company - Aristocrat Leisure Limited


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • us-smtp-inbound-2.mimecast.com.
  • us-smtp-inbound-1.mimecast.com.
TXT Records
  • atlassian-domain-verification=7chUpCoAQAwXMhJItdaSMhlfSg9sqL7rSPJ3zOdJY9ml733a0DATLNog9jbFihht
  • mongodb-site-verification=rFetCfWNkmbCpr8t2nfOmgNFlZDWIZKT
  • mongodb-site-verification=eaz0UTj2tKjdVuK3iibASQX5ADvXSeK6
  • docusign=8a506e4f-c124-490b-a7e0-abe0381b32f2
  • 5ipiac1ehbli2fk2k6k70vmlck
  • slack-domain-verification=dX0QTPbW89eXMQlunk4Y44gq27A0qx2MWl1MJ5MT
  • tyh1kwlwpb8rywfgzfvy9g5jk0z6pt4y
  • pardot1024621=0ec5eda2d7f5aa8a64f2c80f04cb12ee7d561aa97edad79a8a16826b10d836c3
  • openai-domain-verification=dv-WDg9lRV0bqioCxl9hGFkgwvh
  • dX0QTPbW89eXMQlunk4Y44gq27A0qx2MWl1MJ5MT
  • 8c65a20bdae54ba3b6d067f51a143be5
  • P9wMpOxJQML9hbp3i4PhUHQUeUYqELdkWQQBeGOUA9/Z5O0k3oykDUBeCSRDsXDy9M8kCvo1qkP2Me9OKdga4w==
  • k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGoQCNwAQdJBy23MrShs1EuHqK/dtDC33QrTqgWd9CJmtM3CK2ZiTYugkhcxnkEtGbzg+IJqcDRNkZHyoRezTf6QbinBB2dbyANEuwKI5DVRBFowQOj9zvM3IvxAEboMlb0szUjAoML94HOkKuGuCkdZ1gbVEi3GcVwrIQphal1QIDAQAB;
  • sending_domain1074563=ad7ed5cdf116e3543b138219602fbbc1bba75022d98d450c90d27061bfe8977c
  • docusign=548c32e7-349f-42ee-bcb1-940ee216616d
  • miro-verification=1c64e40a98d43e209f6844eda35f7a4797a81530
  • 53mv52m1pnk7uqfq2srr035t37
  • MS=ms60732662
  • google-site-verification=0tfxbbja1fEBZzCvmYIXw8y5yPoqSqrUp3X0RkJmCwY
  • sending_domain1024621=0e77dc9c83cd33811e95e66c5e4645b2af31e50673a013b1f7e118291a0ccd25
  • vcqkicj8m5p44ifrg4e5ljkodj
  • jamf-site-verification=UDfwc10gflHqb8B2zDeQCQ
  • v=spf1 redirect=40eg6fu0._spf._d.mim.ec
  • wrike-verification=NTI2NTczMzo2ZWIxNTZlZTJhMzcwYWRhM2M3YjUxOGQ2M2Y2MDU1Y2M3NTBiZDk5ODk1NGM1N2FkOWJjZWJiMTAyZDBlNjk2
  • z5l5pxnn0b7shmzrshzdwlg0r7glc772
  • pardot1039243=05546387e3b9085aaff659658fe829cc904f2afd46dd423c8da7fb973d66858d
  • google-site-verification=oHtZe015RG7jvAGfvX96uBcEYWh5XXg84HWqVxYXCR0
  • google-site-verification=G8COIJHMvGuSglYni0OzFje0x3QAIv1BOhLxnYiEhcg
  • smartsheet-site-validation=mgrWoX3Yit6P0Xi2x004MyLOM3XX_624
  • wiz-domain-verification=98c6ed1552109dfcb8a7fcdbfb27220c1d16312e92ab036646432afab30dd010
  • knowbe4-site-verification=a54f655a04aaed0d46ee141c00d6eb3b
  • mongodb-site-verification=PIDPSsZO7oPOpgjezJq0jY2JBdwDP1fZ
  • mongodb-site-verification=R6ZltMhJyRJugAZYymFL66TTD6km3AlK
  • unity-sso-verification=a49ba1f1-1e96-4200-a617-e70e3282d6e9
  • lucid-verification=xlmH6oBZPzN7G1HSVrQO
  • e91mm04lrcg3cnpp4ih8103lm8
  • pardot1074563=c2a6527f4c15471f6b926614e99f93a9ce6c83246100f4848d017a79fe57a59e
  • knowbe4-site-verification=6ad747d2bb44c0ed0948526c94950d23
  • sending_domain1039243=6a70587ddea7a4a587ac690d52f263a0f47ec7baea192d04e041a7e4ea9e738b
  • google-site-verification=ZGqeqgAgvIAz4dPameIumMszXGYSN6VXLZ4qhotq0Pc
  • w98ykbf4st7k4jnp0sybvsvk09txb9vq
  • docker-verification=1c830374-5e22-4d9b-87d1-f65f6e4a12d5
  • dygxn8hnnmdn2yv2hs0syw9xqgtnpn11
  • mD3-QJw0_V6oCmvGIMpJ78jUkCs
  • Uxiu2Kd840J_DVQXj-l2kQ4
  • 1p6gbDF+nvINa5e6oZen/jG1xjhGX2pDKTuaRI9E0jNKahg19CjfhEJd6Xp259Y99byOsphc0/JbAnyyxdeQ/g==
  • uber-domain-verification=8d7585ce-cf55-47bf-b182-425fc67b88d6
  • mongodb-site-verification=i8aeKCEF05jE9hBBbizpS78TZRtiLcVK
  • pardot1039243=55853906dcadc529d6fdd29b8fc8f12d57071c2cbd82463518030ff20b749d80
  • 4s6rj6vqliefsvsrog0s9ceknn
  • wrike-verification=MTI3MjU1MDpkMDM5ZmVkMjc3N2EzY2VkNzU3M2MzMmU4YmEzMDY0OGUxOTBhMjU1MzkyNDM3YzhhNTM5N2IyOTc4ZjUyZTkz
  • p8kfvdui9c2hngsnd1s1fvuqjq
  • mgverify=4b65fe04b0a3a72250d0cd4dccf8a7cfeec5f3a4972af089995c122d21ee2332
  • postman-domain-verification=d425dc9440c5e27b6f94a543874ad20ad03ec30f60693292fec365f29e401adf6e4893b9e3d85ecf4be15839272446f2e3e62507e03fd9b82603a38aeb824f08
  • hka2l9ebe1ddmmjvce61gbja6t
  • eq0asp0rufifqgfol6klkvfdj3
  • adobe-idp-site-verification=3a87ea59-5ba6-4a52-9953-df7effd41941
  • 0ed1fe018a9062177006b64a099b4ae4a983cc15da
  • 3+V9dcImb41uGWSdRnC/V6d/mt+XGI91qkQzh4/ykBhTDxynsQPy0XAKZ2ofPpC8+5xlUeF3NOlNn3vjdxdexg==
  • drfqa60lucg12bc7nku279n99p
  • mongodb-site-verification=LVPk5vXOkc9hE8rLvPXGJobvWKYtyBmA
  • lbs1ijesd7s5uq48664cnt7ir8
  • flexera-domain-verification-edqwhalppesbilbb
  • 1password-site-verification=SCLCCY4F6RHONATUTYZPGH7K5A
  • pardot1074563=f69a4ca433cda7773785277d68ac2db965012fbd8003761954704345a8e20c02
  • 0rkmtb8nqkw92gd8v1qydnyf3fvys229
  • pardot404752=578c96700d2eff60822fba18f78dbd5b93e9344d34a40d1192dedadadee2c1b3
Cloud / SaaS Services Detected
Adobe Atlassian Microsoft 365 Salesforce Slack Miro Flexera JamF KnowBe4 DocuSign

Leak Screenshot:

Leak Screenshot